#27587: str(QuerySet.query) should be documented
--------------------------------+--------------------------------------
     Reporter:  Peter Inglesby  |                    Owner:  nobody
         Type:  Uncategorized   |                   Status:  new
    Component:  Documentation   |                  Version:  1.10
     Severity:  Normal          |               Resolution:
     Keywords:                  |             Triage Stage:  Unreviewed
    Has patch:  0               |      Needs documentation:  0
  Needs tests:  0               |  Patch needs improvement:  0
Easy pickings:  1               |                    UI/UX:  0
--------------------------------+--------------------------------------

Comment (by Aymeric Augustin):

 Regarding the limitations, I don't think we should accept the current
 status quo as the best we can do:

 1. if it's reasonably easy to perform the escaping correctly, typically
 just by escaping arguments with a function provided by the database
 adapter prior to interpolation, then Django should do it.
 2. if there's no function for escaping arguments, but a well documented
 and not too complicated process do to so (replace " by "" then wrap in
 "...") then we should consider doing it as well
 3. if the escaping rules are unclear and there's no way to ask the
 database to do it, then we should return something that is *obviously*
 invalid, like QUERY = ... ; PARAMS = ...

 I did that some time ago for `last_executed_query`. SQLite stayed at 3 for
 half a decade before moving to 2.

 I believe the same logic should apply to QuerySet.query and similar
 methods.

--
Ticket URL: <https://code.djangoproject.com/ticket/27587#comment:1>
Django <https://code.djangoproject.com/>
The Web framework for perfectionists with deadlines.

-- 
You received this message because you are subscribed to the Google Groups 
"Django updates" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to [email protected].
To post to this group, send email to [email protected].
To view this discussion on the web visit 
https://groups.google.com/d/msgid/django-updates/065.756c6b40b4fefd22bd3dc24c90563a68%40djangoproject.com.
For more options, visit https://groups.google.com/d/optout.

Reply via email to